Microsoft Is Paying Up To $20,000 To Find Bugs In Xbox Live

Microsoft recently announced the launch of its Xbox Bug Bounty program. As per the program, Microsoft will pay rewards from $1000 to $20,000 for finding security vulnerabilities in the Xbox network and services.

The bounty hunter can be a gamer, security researcher, or a technologist. However, you won’t be provided with a console or a paid account for finding bugs in Xbox Live. You definitely can’t trick Microsoft into giving you anything for free.

All eligible submissions must include a clear and concise proof of concept (POC). This means that the researcher must submit clear, concise, and reproducible steps so that the Xbox team can review the submission quickly.

Under Coordinated Vulnerability Disclosure (CVD), the researcher discloses the vulnerability privately to the vendor. This allows the vendor to diagnose the issue and work closely with the researcher to resolve it.

The Xbox team will reward you based on the quality of the report and the level of impact of the reported vulnerability. You can refer to the table below for better insight.

There are specific rules that you have to follow if you don’t want to be kicked out of the Xbox Bug Bounty program. For instance, you can create multiple accounts for testing the Xbox network and services. However, you can’t use those accounts to access any customer’s data. Also, phishing and social engineering attacks can get you a red card instantly.

Shivam is a blogger who is always fascinated with technology and the amount of knowledge he can gather from the internet. He is trying to nerdify everyone around him with that same knowledge, through his writings. He enjoys gaming in particular, so he tries to keep track of what’s new in the gaming community and write about it.